Is it possible to restrict access to a Lakehouse for a specific admin in a workspace?
The current workspace is shared by 4 different Admins from different depts. Each Admin has their dept-specific lakehouse; just to prevent one admin from accidentally writing anything to LH1 (specific to me) / destroying anything from LH1, is there any way to restrict the access of the other admins to LH1?
None of us are tenant admins; rather, we are workspace admins.
Hi @smpa01 ,
Thanks for the reply from @frithjof_v .
In lakehouse, users with Admin, Member, Contributor roles can perform all CRUD operations on all data. Users with the Viewer role can only read data stored in tables using SQL analysis endpoints.
If you have 4 Admins in the same workspace, then they will have access to perform all CRUD operations on all data at the same time.
To accomplish your needs, it would be best if each department had its own workspace, and then each administrator had their department-specific OneLakehouse.
You can also try the Medal Architecture, which does not allow for direct editing of permissions, but does allow for different functionality through different levels.
It is divided into three different levels, each representing an increase in data quality:
Bronze Layer: This is the raw data layer, storing raw data imported directly from various data sources. Data is not processed at this level and may contain duplicates and errors.
Silver Layer: At this level, data is cleaned, validated and de-duplicated. Data in the Silver Layer is of higher quality and is suitable for further analysis and processing.
Gold Layer: This is the highest quality data layer and stores highly optimized and aggregated data. Data in the Gold Layer is typically used for final business intelligence and reporting, as it has been fully processed and validated.
If you have four departments ABCD, and you create three different layers of Lakehouse for department A, you can give access to Bronze Layer only to department BCD.
For more information on the medallion structure see the documentation below:
What is the medallion lakehouse architecture? - Azure Databricks | Microsoft Learn
Implement medallion lakehouse architecture in Microsoft Fabric - Microsoft Fabric | Microsoft Learn
Best Regards,
Yang
Community Support Team
If any post helps, then please consider accepting it as the solution to help other members find it more quickly.
If I misunderstood your needs or you still have problems with it, please feel free to let us know. Thanks a lot!
I don't think so.
Then I think you would need to remove those users from the Workspace access, and instead give them item permissions on the relevant items which they need permission on.
(Or put the lakehouses in separate workspaces).
In general, if a user has a workspace role (admin, member, contributor, viewer) then the workspace role will give them permissions on all items in the workspace according to the workspace role they have.
https://learn.microsoft.com/en-us/fabric/get-started/roles-workspaces
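As an added example (not part of the original thread and not Fabric's own code): a small Python audit of the rule described in the replies above, that an Admin, Member or Contributor workspace role gives write access to every lakehouse in that workspace. The principal names, workspace names and data layout are constructed for illustration and are not the shape of any Fabric API response.

```python
# Added example: constructed data, not output from the Fabric API.
# Workspace roles the replies above describe as having full CRUD on all data.
WRITE_ROLES = {"Admin", "Member", "Contributor"}  # Viewer is read-only

# Hypothetical principals and lakehouses, each mapped to its department.
DEPT = {"admin_a": "A", "admin_b": "B", "admin_c": "C", "admin_d": "D"}
OWNER = {"LH1": "A", "LH2": "B", "LH3": "C", "LH4": "D"}

# Layout from the question: one workspace, four Admins, four lakehouses.
SHARED = [{"name": "shared-ws",
           "roles": {p: "Admin" for p in DEPT},
           "lakehouses": list(OWNER)}]

# Layout from the answers: one workspace per department.
# Department B is given Viewer on A's workspace to show read-only access.
SPLIT = [
    {"name": "ws-a", "roles": {"admin_a": "Admin", "admin_b": "Viewer"},
     "lakehouses": ["LH1"]},
    {"name": "ws-b", "roles": {"admin_b": "Admin"}, "lakehouses": ["LH2"]},
    {"name": "ws-c", "roles": {"admin_c": "Admin"}, "lakehouses": ["LH3"]},
    {"name": "ws-d", "roles": {"admin_d": "Admin"}, "lakehouses": ["LH4"]},
]


def cross_department_writers(workspaces, owner_dept, principal_dept):
    """Return sorted (principal, lakehouse) pairs where the principal's
    workspace role lets them write to another department's lakehouse."""
    findings = set()
    for ws in workspaces:
        # A workspace role applies to every item in the workspace.
        writers = [p for p, role in ws["roles"].items() if role in WRITE_ROLES]
        for lakehouse in ws["lakehouses"]:
            for principal in writers:
                if principal_dept[principal] != owner_dept[lakehouse]:
                    findings.add((principal, lakehouse))
    return sorted(findings)


if __name__ == "__main__":
    for label, layout in (("shared", SHARED), ("split", SPLIT)):
        hits = cross_department_writers(layout, OWNER, DEPT)
        print(f"{label}: {len(hits)} cross-department write paths")
        for principal, lakehouse in hits:
            print(f"  {principal} can write to {lakehouse}")
```
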